AdTech Data Protection Complaint

The campaign against data protection violations in AdTech real-time bidding (RTB) systems is growing.

In September 2018 Open Rights Group Executive Director Jim Killock joined Dr. Johnny Ryan of Brave and Michael Veale of University College London to file complaints to European data protection authorities against Google and IAB Europe for General Data Protection Regulation (GDPR) violations in their RTB AdTech systems.

Whenever a targeted ad is served to an Internet user, this is the result of their personal data being shared and bidded out to potentially hundreds of companies. That data can include a user’s location, browsing habits and other intimate details. The “bid request” process does not protect against unauthorised access to personal data, which is a violation of GDPR rules.

In just a few short months AdTech complaints have rapidly grown in size and impact with no signs of slowing down. So far this year complaints have been filed across in Netherlands, Spain, Luxembourg, Belgium, Bulgaria, Czech Republic, Estonia, France, Germany, Hungary, Italy and Slovenia. The Irish Data Protection Commission (DPC) also opened a formal inquiry into Google’s Ad Exchange.

The latest

In a serious wake up call to the targeted advertising industry, on 20 June 2019 the Information Commissioner’s Office (ICO) agreed with complaints by Open Rights Group and Dr. Michael Veale that adTech real-time bidding systems give individuals “no guarantees about the security of their personal data”.

Watch this space to learn how you can help as the fight against unjust digital advertising practices grows.